Here's the original post, in case the 4chan thread gets deleted:
A few months ago I posted here looking for help with a SD card I found while renovating a school. It was hidden in a wall outlet, and had several files with names on them, and obviously was a bunch of encrypted containers.
Well, I managed to brute force one of them and inside was more containers, but a month ago I managed to open another and this time there was videos and pictures, stuff that made me go to the cops right away.
So I turned over everything to them and told them all I knew, and that's when the bullshit began. Right from the start the police thought I had something to do with it. They took every device in my home that could store data, my phone, my laptops and computers, my PS3, even all my USB drives and camera. They questioned my family and went to my job and harassed everyone that I had any contact with,
Right now I still haven't gotten any of my property back, and my friends and family think I am a creep. I am writing this to give a warning to everyone that works with IT if they end up in a situation like me. Don't go to the authorities, don't try and do the right thing, don't say a fucking thing just destroy what you found and move on. Trying to be a good person is just going to fuck your life over
He brute forced two encrypted containers? Who does that for an SD card you find?
And hidden in a wall outlet? Really? Someone just walks around carrying a screwdriver for opening wall outlets, and hopes not to get shocked? There are far easier places to hide things.
And cops questioning family and job contacts for this?
A hidden SD card containing encrypted archives could be lots of things. It's like a puzzle. I'm sure it made him curious. Why would you assume the contents are illegal? I wouldn't.
To me the op is no different from people who participate in ARGs. Only in this case, the prize at the end of the game was a ruined life.
If the police behavior sounds implausible, you haven't read any stories about similar cases.
> To me the op is no different from people who participate in ARGs.
Except, you know, the game part of ar_G_. Real life is not a video game. If you live as if it is, something bad is probably going to happen to you eventually. Brute forcing something that doesn't belong to you is not just bad form, it's stupid, and depending on what it happens to be, possibly illegal.
Does that make the police harassing him OK? Perhaps not. Is any part of this story even true? Also perhaps not.
Many ARGs intentionally attempt to seem as real as possible, which is part of the appeal. There have been examples in the past where this has caused problems for people (the ill-fated game Majestic being one example). Contrived cryptography/hacking puzzles also show up as hiring screens, etc.
My point is that his mindset is essentially the same: He ran across an intriguing puzzle and tried to solve it.
OK. He should solve the meta-puzzle first. "What is this likely to be, and in what proportion of possible worlds is the outcome of knowing the answer to that question good for me."
I agree. A lot of problems that afflict innocent people in our society can be chalked up to not doing that kind of higher-level thinking - what would be a person's possible motives for setting up this scenario? What are the potential consequences? Am I risking my finances, health, or livelihood by getting involved?
He was renovating a school, thus he was carrying around a screwdriver (and probably lots of other tools) and possibly popping off outlet plates left and right (in preparation for, say, painting the walls).
If I found an sd card with encrypted files I'd be curious as hell.
Maybe the guy who hid it got the idea from Breaking Bad.
You really think someone would do that? Just go on the internet and lie?
As for the "hidden in a wall outlet", I don't know why that sounds outlandish to you. I've worked in construction, and had to remove wall outlets all the time...never once got shocked. Plus, Walter White did it so it's got to be a logical and prudent thing to do. Right?
>> He brute forced two encrypted containers? Who does that for an SD card you find?
I would _totally_ do that for any encrypted files that came into my possession via an apparently discarded device. My curiosity would be through the roof. Of course, if I found illegal stuff... I'd burn the medium, throw the medium into the ocean, throw the ocean into the sun, and throw the sun into the moon.
Though if you do ever happen to come across an SD card filled with encrypted child pornography, personally decrypting it and turning it in to the police is probably not the brightest course of action.
Since I read the story and posted a comment about it... yeah, I suppose I am part of the baited rabble =)
It would be victim blaming if I thought he were actually a real person, but the latter part was entirely a well-intentioned tip to any person who actually finds himself in a similar situation. At least talk to a lawyer before traipsing into someplace dangerous like the police office.
So you don't think this really happened, but agree that it could plausibly happen, and give advice similar to the OP.. doesn't that make the question wether this actually happened a bit moot?
IMHO it's not stupid to go to the cops with evidence of wrongdoing, at worst it's being naive and trusting... at best it's simply doing the correct thing without delay. How would anyone know otherwise, without such "rabble rousing" anecdotes, or first-hand experience?
What really is stupid are such reactions of police. We shouldn't seek to teach people to mistrust the police, that is just a crappy short-term workaround; we should teach the police to be worthy of trust. Don't ask me how, it's just when I'm roused I get these big ideas :)
This mindset, along with the police behavior that motivates it, will eventually turn the US into a mind-your-own-business country, where crimes can happen in broad daylight and people get in trouble while passersby do nothing. We've seen a similar culture in action in news stories from China.
The net result: cops' job gets harder, and they only have themselves to blame for alienating the people who should be their allies. At least maximum employment will be guaranteed for them.
The uncanny thing about this kind of ever-increasing animosity and mutual antagonism between the public and law enforcement ( of all kinds - local, federal and the miscellaneous) is that there has to be someone benefiting from this state of affairs.
It simply cannot be that neither side - groups pushing for stronger prosecution of crime and ones pushing for decriminalization of petty crimes [4][5][6] - likes it , yet does nothing to ease tensions and head towards less contentious state of affairs.
I suspect the groups who stand to benefit from this state of morass have cozy relations between them and are likely :
Not at all like the situation in China. In the U.S., if you're in a neighborhood with a large organized crime presence, passers-by will often refuse to testify, but what the parent is talking about in China today and the U.S. in this hypothetical future is different. In China, there is a recent history or at least public perception of victims falsely accusing good samaritan helpers of being the perpetrators in order to sue someone, even if they can't catch the perpetrator. The parent is saying that the U.S. could become the same way, except with would-be good samaritans/crime reporters not being afraid of the victims but of the police.
The police are not your friends. Sorry this guy had to learn that in a hard way. (Though apparently they have not yet shot his dog [1], so I guess he's gotten off easy so far.)
Indeed, calling the cops for any reason whatsoever will get you a good 30% chance you will be harassed, put in jail, or killed in the process. Don't do it.
Their own research, he called the police three times to see the response he would get, and the third time they came to his house and found nothing amiss, they arrested him. jokes
The police are not just my friends, they are my neighbors, my family. While much of my life is illicit I do not falter in my resolution of trying to work things out proper with the police.
Even if the overall result is a detriment to myself.
Not even close, not even close. People, which constitutes the police force in the US until robot overlords take over, make up the police.
People can sense bullshit and/or malice. I've bullshitted my way out of situations due to my obvious non-malicious intent. But have been 'boned' by trying to bullshit my way out of malicious acts.
I'm curious. Suppose someone you love is abducted, and the police arrive minutes after the adbuction and can probably catch the abductors if they start the chase immediately...but although there were many witnesses not a single one will tell the police which direction the abductors ran, or what kind of car they drove, or the license number without talking to a lawyer first, because they watched that video.
Would you continue to recommend it?
And yes, a surprisingly large number of people who watch it say that in the above circumstances, they would wait for a lawyer before saying "the kidnappers drove north".
That's an emergency, one of the few times when you should say enough for them to be able to execute an immediate action; specially if you care about such action being performed. Further unrelated questioning should be avoided under the pretense that you need to talk with a lawyer.
Good. Glad to see there is some common sense here. The last couple of times this came up, some said even in an emergency you should stay silent, because for example if you tell the police the kidnappers drove north in a white Honda, and it later turns out you were mistaken (it was a cream Toyota and they drove northwest), you might be suspected of being an accomplice purposefully misdirecting the police!
The blanket statement “Never talk to the police” is obviously either not very well-thought-out or not meant to be precise. What if you're the victim of a crime? A more honest title for this video would be “Talking to the police will only make you more likely to be convicted of a crime”. An infinitely-selfish person might interpret that as “Never talk to the police” (although even that interpretation has its weaknesses), but a reasonable, respectable person should consider the positive consequences of talking to the police and weigh them with the possibility that they will end up being wrongly convicted of a crime.
If you're innocent and have information that could potentially help stop a criminal from committing more crimes (as in OP's case, assuming his story is true), I think that in most cases it's totally reasonable to talk to the police, since the benefit to society would almost always outweigh the small possibility of being wrongly convicted of a crime. If you know that you're suspected of a crime, or that the police are likely to suspect you of a crime after you give them information (as OP potentially could have foreseen), then the question gets harder. Even when you know that you're suspected of a crime, I still think "Never talk to the police" is often overly-selfish, depending on the circumstances.
When you are the victim may be the only exception; police everywhere is "overly-selfish" in the sense that they score by getting criminals; meaning anyone perceived as such by most judging figures.
There's a conflicting opinion from a cop on Reddit. Basically he agrees that you should shut your mouth, not let them search your car just for the heck of it, etc ..., but when it comes to the question "Do you know why I stopped you?", playing dumb won't do you any favors. There's a lot of other useful info he says that are relevant to the thread.
Please. Then they charge you with uncooperative. You guys are assume all police officers are bad. I have seen officers asked and let people go after giving warning.
Let's be clever here, don't be dumb. The right thing to do is to turn on your cellphone's camera and start recording.
No they aren't. They wouldn't pull you over if they lacked evidence. Are you seriously suggesting saying nothing even if it is abundantly clear what happened? If you admit it and explain why you did it(maybe it was just a stupid mistake) you have a chance of not getting a ticket. Only time in my life I was pulled over and I explained what happened and why I made the mistake. Got off with a warning.
I think a major qualifier for that video is "if you're suspect of a crime". In the post, our main character claims to not have expected to come under suspicion.
I am not an expert, but the speaker in the video is very clear that you should avoid speaking to the police under all circumstances. It does not matter if they tell you that you're a suspect or not. He gives an example of a colleague asking if he should speak to the police when he is not a suspect and his advice is, "no!"
I admit, I was inserting personal opinion when using the phrase "a major qualifier". I think it's silly and antagonistic to the problems we already see with our demographic and police to always have an adversarial stance against law enforcement.
Do you disagree? Are there examples where you would talk to the police? For example, if your home was broken into?
So would you say that he's advocating to not depend on police help for anything (for the entirety of one's life), on the basis that it would require talking to police?
He appears to be advocating telling them the absolute minimum possible to achieve your objectives; and, in the case where you have been invited to say something, never to say anything. It is spectacular advice.
Though clearly the situation here is not one where the victim was invited to speak, if he had taken the advice to heart, he would have realized that speaking to the police in any capacity is extremely dangerous, and perhaps averted this disaster.
In my experience the people who have fucked me over the most have been mean bastards who like fucking people over. Some of them have worn hats, but most of them didn't and some of the folk in hats have also helped me out and I suspect most of the mean bastards in hats were mean before they even got the hat and there are a fair amount of mean bastards wondering about anyway.
Why are we so quick to believe OP's story at face value? There could be factors which led the police to investigate; factors which OP chose not to disclose.
There is, generally, no way to "brute force" an encrypted container containing child pornography for the simple reason that no one who respects the gravity of the situation would dare choose a password less than 8 characters. Even 8 a-z characters requires (26^8)/2==104.4 billion attempts to bruteforce on average, which is high. Real passwords are likely longer.
I realize how flimsy this argument is. They could've chosen a dictionary word as their password, which could indeed be brute forced. All I'm encouraging is for people to think. Turning in evidence of child pornography is the only way that child pornographers will be caught. Having the reaction of "don't go to authorities" will yield a worse society. Is our attitude really to be "fuck society, I'm looking out for myself"?
> There is, generally, no way to "brute force" an encrypted container containing child pornography for the simple reason that no one who respects the gravity of the situation would dare choose a password less than 8 characters. Even 8 a-z characters requires (26^8)/2 attempts to bruteforce on average, which is absurdly high.
That's just not true. People viewing images of child sexual abuse used to buy access using their credit card - Pete Townsend for one. (Obviously we need to be careful here; lots of crooks were using stolen credit cards).
Many people viewing images of child sexual abuse just aren't very good at encryption or anonymity.
> The slides cover the information-theoretic differences between SSL, Onion Routing, Mix Networks, and Shared Mailboxes. It talks about the size of the dataset I analyzed, and some broad percentages of the types of messages in it (PGP vs Non-PGP, Remailed vs Non-Remailed). Then I go into a large analysis of the types of PGP-encrypted messages there are. Messages encrypted to public keys, to passwords and passphrases, and PGP messages not encrypted at all!
I strongly agree that turning in the card is the only sensible choice. It's a scary option though.
> Even 8 a-z characters requires (26^8)/2==104.4 billion attempts to bruteforce on average, which is high
Nu-uh.
Small GPU clusters - 25 in the beneath case - get you 300 billion guesses a second, more than sufficient to guess a 26^8 password in a couple of seconds.
He probably only has one GPU working on the problem, but even at as low as a billion guesses a second, you're going to have the password in way less than a day. It's not unreasonable to think that he'd crack it, especially if he just set a computer to working on it for a couple of weeks or so - and I see no reason he wouldn't.
Also, nesting encrypted containers was/is something people do to hide file names on passworded zips. Which doesn't inspire confidence in the skills of the defender in this case. I see no reason someone would have done so if they'd used decent encryption, like a truecrypt volume.
I choose to be on the "dark side" which the majority of the comments here disagree with me.
If a police pull you over, don't look for verbal fight. Yes, you should ask "wassup, officer, what's the matter?". But don't start saying "I want a lawyer" if this is some speeding ticket or some ID check. Doing so is stupid - you are wasting police force patrolling. We got a lot of knockout game assault lately. I want more police patrolling. More.
Be clever. Just turn on video recorder on your cell phone and walk to the police. If you feel uncomfortable and you feel harassed, sure, use your right and tell the police you want a lawyer.
People have always distrust the authority, but ironically they always want more protections. I have dealt with quite a few police officers in my life and I find all of them friendly and reasonable. Just remain clam. Guys have pressures too - getting yell at and middle finger at every single fucking day on the street, worrying the next big time crime comes up at their face and die while enforcing law.
Yes, there are some assholes among the polices, but the majority are just everyone else's friend and family. We have assholes in IT, in fire fighters, in the army, in the government, in schools, in everywhere.
Whatever reason is behind this "unreasonable searches", let the story reveal on the news then. Let a general attorney get involved. On the other hands, I think it is reasonable for a police to actually ask to check if the contents have been wiped out or not. If you were told X person has decrypted the card and played the videos, you as the state probably want to ensure this content has not been saved in any more device. Yes, sounds stupid, but I think that's reasonable. Think about this - a child was raped and a cracker hacked into X's computer and distributed this file - is that bad? I am not saying the whole questioning family and friend is reasonable, I am not a law enforcer, but the other parts still seem reasonable.
-- EDIT --
I actually was a whistleblower myself once. I did the same thing the OP did. I turned in a child pornography evidence. Well, a bunch of people did because this was distributed online. At the time I was just a high school kid and I was managing a popular discussion forum. It was reported by some members on our forum and as a manager I decided to turn this over to the Taiwanese police by pointing them where this source was discovered. I submitted anonymously, however. I still encourage people to be a whistleblower / be a good citizen / good person at some point. We need to arrest these horrible assholes.
The first thing this person should have done if he/she wanted to actually help the victims was go to his/her own lawyer for advice. Barring that, the advice in the 4chan thread to destroy it is probably best for him (sadly).
This tale is all too believable. I wish I lived in a world where the police had the common sense to ask themselves, Why would the person who collected this material bring it to us? It makes no sense whatsoever that he would.
Anyway, independent of the truth of the anecdote, the advice seems sound. Why risk it?
Chance of you being jailed for it: above average. Chance that anyone will be helped by you turning it in: far below average. Take your chances, if you dare.
Doing anything to cover yourself, such as sending it to the cops through the mail anonymously will further raise the chances that the cops will try to pin it on you.
>It doesn't much matter if it's really true or not. The real question is whether it's plausible or not.
God lord, is that really the standard we want to use for any news source (even social news aggregation, such as Hacker News)? I may be lying but I'm lying well so that's basically as good as the truth?
Whether or not this story actually happened is irrelevant as there's nothing any of us can do to help the situation. It is however useful as a jumping off point for discussion and to come to a consensus about what we should do in a similar scenario.
Facts about this particular incident are irrelevant to a generalized discussion about police power and how we as people should respond to an irrational and/or overzealous police force. It is entirely uninteresting to discuss particular facts of an isolated incident; the real discussion comes from a generalization of the issues involved. For the purpose of initiating discussion, all that matters is that the scenario described is plausible. Of course its more than plausible, similar scenarios have played out before where well intentioned reports ended up getting investigated themselves. Discussing the pros vs cons of such a scenario do not require that the initial jumping off point be provably true.
Truth matters in discussions as well as the news. If we can't bring fact and reason to discourse, what's the point? Also, I'd hope the Hacker News community has at least a slightly higher standard for itself than 4Chan.
Ignoring the commentary on whether or not this needs to be a true story to be worth discussion, or as something to speculate on likelihood -- I've got the odd feeling that I trust the story more from 4chan than I do many "reputable" media sources today.
It seems the more mainstream media I consume, the more I notice faults in the reporting that, even where unintentional, connote bias. A simple, throwaway example from 2 minutes ago; the Grist reported on a possible fracking-induced earthquake. The earthquake was a relatively harmless 3.something, but the illustration for the photo was a large concrete wall that had been deeply cracked[1], as if to suggest that the earthquake had caused it.
In short, it's rare that I read an article from any news source without being able to point out either an inaccuracy, a vagueness or a deliberate misrepresentation of fact. That isn't to suggest that 4chan is inherently more reliable -- clearly, trolls like this happen all the time, and just for the lulz, but I don't see it as inherently less reliable a source either.
I would think that if you were to find something that you really think needs to be investigated, then it would be best to send it to experts on the subject rather than people who have no idea how to deal with it. The experts would have the training, funding and experience to properly deal with this. This would be especially critical if the material required fast action.
ETA:
It seems to me that if someone were to bring in this material, then investigating the "messenger" would be a waste of time. The information you need is largely in the images.
I imagine the first priority (other than decryption) would be to run the images against a national database. If there are images which aren't in the database, then you have new victims which may need immediate help. Then investigate the images for anything which would put a time and a place on the images. Investigating the person who turns these in seems like it would be quite a ways down the list.
The big question to me is why in the world would someone producing that kind of material hide it in a public place like that?
I also cant believe so many 4chan retards suggest he should have just burnt it and go on with his life. There might still be kids suffering at the moment or in the future in relation to this, so how can one possibly ignore it ? That feeling of not having atleast tried something to help would haunt me.
I think you are missing the point. Which is that there is risk involved in a situation where not only should there be no risk, but this guy should be praised for his honesty.
The justice system, and the police bureaucracy is working against it's citizens. Something it was designed against from it's inception, so the only fucking reason things are the way they are is corruption and greed. Maybe a privatized prison industry isn't a good idea. Maybe, the bureaucracy is the problem, and that is the issue you should be concerned with.
People are saying it's doubtful that he'd be able to brute-force two encrypted containers, but it's not. Most people use bad passphrases, because most password advice is terrible ("use a line from a poem but change some letters to numbers"), and because entropy is actually pretty difficult concept to understand and explain.
So this one time there was this one guy who was just, like, totally minding his own business and the police just arrested him. Therefore the United States is a police state and you should never ever talk with cops for any reason whatsoever.
There's no requirement to carry one, but in many states you must produce it if you are carrying it, and of course you need one to drive. If you're being cited for something, even something that doesn't typically come with jail time like say jaywalking, lack of ID usually translates into being arrested so they can "ascertain your identity".
I'm under the impression that this 4chan anecdote is lacking a ton of detail that would be needed to understand the story. Including, perhaps, the police perspective about why he was arrested.
"I was arrested for no reason. Fuck the police!" is a non-story.
Possession of CP is illegal. He went into a police station in possession of CP. Therefore, he is a lawbreaker. Simple as that. Yes, it's stupid...but these laws ARE stupid. You'd be in the exact same situation walking into the police station with a bag of cocaine or a sawed-off shotgun. They don't HAVE to bring charges and might choose not to, but that choice is at their discretion. No?
This is very possible. However, you can do both the right thing as well as protecting yourself by providing the evidence to the police in an anonymous fashion.
So how would you provide it in an anonymous fashion? Send it via mail, with your fingerprints and DNA on it? Or try to electronically transmit it via Tor or something, and if you mess up get jailed for electronically submitting such information.
Question, kind of relevant to the topic of talking to police: I heard that a cop can only search your car if there is a crime being committed. Say you admit to speeding. Then you admitted to police that you committed a crime. Does that mean that the cop can search your car now?
As the poster on 4chan concludes, you may not want to speak to the police about such things. However, not doing so could potentially result in accusations of knowing but not reporting a crime, or worse - destruction of evidence. I suspect there's no winning here, sadly :(
What follows is my initial thoughts off the top of my head as to how I might attempt to mitigate any accusations. This is not legal advice.
Firstly, if it looks to have been deliberately concealed, contact your building's security and/or the police (non-emergency). Don't touch it yourself at all. I cannot stress this enough. When contacting the police, ask them for instructions on what you should do, and get a name. If you can't stay at the scene until someone arrives, just tell them as much. You should be given a reference number and can update them if you need to be relived by someone.
Odds are, an unknown concealed item that is not likely to be an explosive or drugs is probably of little interest to your typical cop, and (sadly?) they will never get around to looking at it.
There might be some legitimate reasons to investigate further, for example with respect to an organisation's security. If you are in a large organisation, escalate the matter upwards and touch nothing, no matter how tempting. For many good reasons, security/fraud investigations often are on a strict need-to-know basis. Get the appropriate person to contact the police and take their guidance.
Let's assume for the purpose of this post that you are the right person, and there is no existing investigation which this may relate to. Your natural curiosity should be ignored, however, unless you have a genuine concern of data exfiltration or other potentially malicious activities.
But who I am kidding, of course you do, most organisations do! Now you need to make sure you can preserve as much evidence as possible, perform a detailed investigation, but all the time protect yourself from both legal and technical risks. What follows assumes high risk. Do your own judgement on the risks involved and if the steps below mitigate them adequately (they are probably over the top, this is not a bad thing). Assume that before and after each of these there is a "Listen to the police and/or your legal team".
1. Photograph in situ first, ideally with some means to date the photograph. If possible, get a second person involved. If the area is covered by CCTV, get the footage pulled for cross-referencing. Photographs are useful for the higher resolution details.
1a. Record everything on video.
2. Speaking of CCTV, you'll want to get someone to look at the tapes. This is left as an exercise for the reader, especially the bit about making it not soul-destroying manual observation. This point also covers all the non-technical but essential things like "who had access to this area", "do we stock that type of device", etc. Never forget that the old-fashioned non-technical questions can often give the best answers.
2. Use gloves and carefully remove the device. Take note of the environment it was in, with special interest for clues as to how long it has been there. Examine briefly for any markings. Place immediately into clear plastic bag, marking it with a description of the contents and ideally adding tamper seals. Clear plastic bag means you can verify the device hasn't changed. When not performing investigatory work, the bag should be locked in a dedicated place for evidential material.
3. Establish an air-gapped secure system to perform analysis on. Assume that malware will be present and that you will want to be able to detect and analyse it. Ideally have an investigations laboratory to add physical controls around the air-gap.
4. Establish a log book. Record the date, time, action taken, and tamper seal codes before and after. There will be more things you will wish to record, of course - this is only a rough guide.
5. Acquire a write-block device. These are utterly essential for any form of forensic investigation, and typically block at (what courts consider to be) hardware-level any modification to the device.
6. Attach the device to your air-gapped system using the write-blocker. At this point, the air-gapped system is dirty and will need to be forensically wiped/destroyed once you are finished.
7. Using Encase, similar forensic tools, or failing that GNU dd_rescue, image the device. Never, ever, work off the original device. The police and/or auditors may want to take their own copy, this is normal.
8. With respect to the log book, treat this image like the original device. This log book is what you use to back up "I was performing a security investigation". This includes any automated testing or password cracking you attempt.
9. If your organisation handles classified information, it goes without saying that identifying if any is present is your top priority - no matter what the implications that then has
10. Limit who gets to actually view the data on the device to an absolute minimum. You don't know what's there, it could be personal HR information or finances, or that hush-hush restructuring project. The fewer eyes the better. Ideally this should be someone trained in forensic examination and with a high enough clearance to view any potential contents.
11. Know when to give up. Seriously, you could spend years diving into the contents of a 64GB device, and never actually get anything useful.
12. Ask a legal person about how long to retain the device for once you've finished.
13. Assuming you have identified that the contents need further examination, look into eDiscovery tools like Symantec Clearwell, and visualisation tools like the excellent Gephi. Perform technical wizardry rather than wading through a hundred thousand files manually. You're reading hacker news, remember! ;)
14. Assuming that the police have been involved, update them. However if it really is an unknown item and there is otherwise little that is suspicious, they probably won't be that interested and/or will close the call silently.
Apparently I Am Not A Lawyer, And I Repeatedly Assert This Fact. I work in IT Security, and have been involved in quite a few investigations or varying types. Due to their nature, we knew the source of the data on most occasions, so many of the above steps were unnecessary. I'd rather suggest too many protective controls than too few - safer if I know I'm not a lawyer!
Soon we're going to be a society where no one trusts anyone else, and thus it will be better to ignore the CP flowing around instead of getting involved. Reminds me of the mentality they have in third world countries about the local gangster warlords. Hear nothing, see nothing, say nothing.
A few months ago I posted here looking for help with a SD card I found while renovating a school. It was hidden in a wall outlet, and had several files with names on them, and obviously was a bunch of encrypted containers.
Well, I managed to brute force one of them and inside was more containers, but a month ago I managed to open another and this time there was videos and pictures, stuff that made me go to the cops right away.
So I turned over everything to them and told them all I knew, and that's when the bullshit began. Right from the start the police thought I had something to do with it. They took every device in my home that could store data, my phone, my laptops and computers, my PS3, even all my USB drives and camera. They questioned my family and went to my job and harassed everyone that I had any contact with,
Right now I still haven't gotten any of my property back, and my friends and family think I am a creep. I am writing this to give a warning to everyone that works with IT if they end up in a situation like me. Don't go to the authorities, don't try and do the right thing, don't say a fucking thing just destroy what you found and move on. Trying to be a good person is just going to fuck your life over